The rapid changes to business models and working arrangements during the COVID-19 pandemic has prompted boards to rethink how they approach innovation and how they can innovate more quickly, the latest AICD EDU heard. 

    “Even at board level when we talk about how we move from A to B and how quickly we can do it, it’s not about standing up great big teams of people and armies of meetings and so on,” said UNICEF Australia chair Ann Sherry AO FAICD. “It’s about who we really do need in a room to make this happen and how quickly we can do it. It’s just a different way of thinking.”

    Directors attending the AICD’s Essential Director Update heard insights from Sherry and David Thodey AO FAICD, chair of Tyro and Xero, on topics including culture, not-for-profits (NFPs), the growing importance of stakeholder management and cybersecurity.

    Commenting on innovation, Sherry said the upside of the pandemic experience is that we’ve learned to do things differently and ask different questions about both speed, and the outcome we’re looking to achieve and how to manage the risks around it — are they real or imaginary? For instance, if companies had been considering allowing staff to work from home in pre-pandemic 2019, they would have been concerned about productivity and whether staff would be watching TV instead of working. But that didn’t happen, staff were diligent and productivity was as good as — or better — than it had been previously.

    “We’ve learned a lot and so let’s take the learning and amplify it, not assume that it was a learning that only went with a point in time,” Sherry told the Essential Director Update event in Canberra, one of several around the nation. “That’s a mindset shift that I’ve seen across all of my boards.”

    Thodey noted that innovation requires aspiration, and that without this there is just mediocracy or necessity. “It’s very hard to say to someone, ‘Just innovate!’ Well, what do you mean? But if you have a big aspiration, you’ve got to do something.”

    Boards should challenge themselves on how they work. For instance, a manager who has prepared board papers ahead of a meeting could attach a five-minute video discussing the key points, so that directors can get straight to the discussion in the board meeting rather than wading through pages of reports. “Remember, it’s the discussion that is really valuable at a board table,” said Thodey.

    Digital technology is moving through every industry and organisation, and despite the recent “hiccup” of falling valuations of tech stocks, the speed of change hasn’t slowed, he said. Boards now have a responsibility to understand technology, such as what Web3 is and artificial intelligence (AI).

    “But there is a real, real value-creation opportunity. It’s about how you can do better analytics and better logics in terms of use of technology. And remember that technology is an enabler of innovation,” he said. “It’s really important that as directors we are across that.”


    Digital technology raises the question of cybersecurity. It was a hot topic, with the Canberra update coming just days after news of the Optus data breach. “There, but for the grace of God, we all go,” said Thodey.

    The data breach highlighted the importance of directors asking how much data their organisation holds and why it holds it. Most of the time, management won’t know because data is held in so many different places. Directors should then ask, “If you are holding it, and it’s justified, is it encrypted?”

    “Most people say some of it is and some isn’t,” said Thodey. “We all need to reflect on what our own organisations are doing. And remember, it isn’t just your own organisation. All of you will have suppliers and organisations. You need to understand their exposure to cyber threat.”

    Thodey added that the ideal is for organisations to create a culture where everyone feels responsible and accountable for cybersecurity. Organisations can write all the procedures and have all the software controls they want, but they also need a culture where everyone understands the implication of cybersecurity.

    “If you’re running a truly citizen-centric or customer-centric organisation, you care about these things. You care about people’s lives and the responsibility you have.”

    Risk factors

    Belinda Robinson FAICD, chair of Western Sydney University Enterprises, the Australian Maths Trust, and Cooperative Research Australia, discussed risk at the Canberra EDU, saying she was focused on how useful her organisations’ risk frameworks were for decision-making. Directors should ask how useful their risk frameworks were in developing their organisations’ strategy. “Unless it’s something you can use in your day-to-day decision-making by management, but especially by you as a board, it’s not of great value, is it? It’s a box-ticking exercise.”

    She added that boards should ask themselves two questions — what are the things that will bring the organisation down and what are the things that, if they go wrong, the organisation won’t recover from? These questions help to shift directors’ focus away from the short-term insular issues.

    Robinson highlighted government policymaking, asking how many boards actually had a director who understands how government works and is keeping an eye on the policymaking environment and how it might affect the organisation. There will always be things boards can’t control, but they can act to minimise the effect that those events have on their organisations.

    Organisations that don’t consider stakeholder needs and views carry a lot of risks, said Sherry. “It’s not a small-ticket item. Sometimes, small things generate big consequences.”

    Directors should ask themselves if they’re doing enough to listen to the concerns of stakeholders and whether they should be hearing more unvarnished views — because often boards react to secondary information from surveys or management.

    “Do directors really understand the stakeholder views, how fast they’re changing and also how organised they are?” asked Sherry. “And do we think management is listening enough to stakeholder views?”

    Sexual harassment

    Sherry highlighted sexual harassment as an issue, noting boards should consider what is required of them — and whether they know if their organisation is managing the issue well. “What tone do we set, in terms of our care factor as directors, that potentially bleeds into organisational culture and leadership behaviours,” she asked the Canberra audience. “Is it clear that the board even cares?”

    Sherry also questioned how often the board received reports. Could the metrics be trusted? Was the board hearing about complaints, particularly the serious ones? She anticipates legislation outlining directors’ responsibilities on sexual harassment and said boards must get ahead of it to have a contemporary position on managing the workplace. “If we were liable, would we have a different view on the way the organisation is managing this issue?”


    Likewise, reconciliation. Sherry said many organisations have a Reconciliation Action Plan, but asked how many directors had seen the plans and whether they are driving change in their own organisations. “Because this is an opportunity for us to be part of the shaping of the Australia of the future as opposed to doing what we think is right to get us through a compliance exercise,” she said.

    She also asked if boards had discussed the planned constitutional referendum on the First Nations voice to parliament and whether the leadership of the organisation has a view on it.

    Climate change

    Thodey discussed climate change governance, noting it was important for all organisations and NFPs to report their emissions, because large companies, which are counting the Scope 3 emissions in their supply chains — will want to know. “You’ve got to understand your carbon footprint — you’ve got a scientific basis on that — and make a commitment,” he said. “No more greenwashing. No more aspirations. No more things you can’t do. And you need to have a business case to do it, because there are costs involved here.”

    Thodey noted that the CSIRO has some 65 locations scattered around Australia, most of them constructed in the 1940s–50s. “The cost to get them upgraded — to move to solar, use hydro, wind or whatever — is quite significant,” he said. “So we had to look at the cost benefit ofthatandwhenwecoulddoit—andhavea realistic target going forward.”


    NFP boards are often considered to be a training ground for commercial boards, but UNICEF Australia chair Ann Sherry AO FAICD warned that directors shouldn’t be learning board skills in a high-risk environment. She pointed out the sector is very diverse, just like the business sector — ranging from very small to very large organisations — and delivers important services. An NFP board requires a range of skills. “It is a good learning space, but
    it doesn’t necessarily all go well for the sector, if that’s the way we think about it in total,” she said. “Many have governance boards that have accountability for very complex and sophisticated organisations, many of which have a lot of risk.”

    NFP organisations will increasingly come under pressure to demonstrate their impact, but this is a challenge for smaller organisations. “Getting better bang for your buck is a really important output for NFPs,” said Sherry. “Most people who give you money, it’s discretionary money, they want to see impact. There’s risk in not doing it well, there’s risk in not having good impact measures, and therefore, efficient use of the money people give you to do the work that you say you’re going to do. Outcome and impact measures will be much more demanded of NFPs, irrespective of whether they’re big charities like UNICEF, or a hospital or water board.”

    Technology plays a key role — both in measuring how the money is spent and also in spending it more efficiently — but the high return from tech is accompanied by high investment. Smaller organisations, struggling with their financial viability, find this a challenge.

    Sherry said it is time that those involved in the NFP space “have a collective responsibility... to have a broader conversation about what financial viability and sustainability look like”.


    When David Thodey AO FAICD chairs a board meeting, he sometimes asks one of the other directors to take notes on how the board behaves and report back at the end of the meeting.

    “It’s just a way of getting independent assessment, because I know that if I’m chairing a meeting, I become quite engrossed in the meeting and can’t always reflect,” he said. “So just having someone say, ‘David, you said this — did you really know the impact you had on that person?’ I’m like, ‘Oh, wow, I didn’t even think about that’.”

    The exercise illustrates the importance Thodey places on culture — and his belief that boards should set the tone. He considers directors should do everything they can to make sure they really understand whether they are being true to the values and cultures of that company. Along with relying on formal surveys, Thodey makes an effort to spend time in the businesses he’s involved with — getting on the phones or working in a shop — and says directors should make time to do this, just as they do for board meetings and meeting preparation.

    When Thodey sees things go wrong in other companies, and organisations getting caught out, he asks himself if he would have done anything differently.

    “When I challenge myself, sometimes I realise I’m not as close to the culture and the behaviours,” he said. “And when I say ‘culture’, I don’t mean just the values on the nice poster — I mean real behaviours about how people are treating each other and getting reality into it.”

    Thodey stressed that setting culture should be a joint exercise with management, not just something that managers merely present to the board.

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.